Module io.helidon.security.providers.httpsign
Package io.helidon.security.providers.httpsign

Class SignedHeadersConfig

  • public final class SignedHeadersConfig
extends Object
    Configuration of required and "if-present" headers to be signed.

    Example for configuration based approach: 

     sign-headers: [
  # request may sign headers not specified here - only specify the ones that MUST be signed
  {
      # if method is not defined, then this is the default config
      # MUST be present and signed
      always = ["date"]
  }
  {
      method = "get"
      # MUST be present and signed
      always = ["date", "(request-target)", "host"]
      # MUST be signed IF present
      if-present = ["authorization"]
  }
 ]

    • Field Detail

      • REQUEST_TARGET

        public static final String REQUEST_TARGET
        Special header "(request-target)" is used for method and path combination.
        See Also:
        Constant Field Values

    • Method Detail

      • create

        public static SignedHeadersConfig create​(Config config)
        Load header configuration from config.
        Parameters:
        config - config instance, expecting object array as children
        Returns:
        signed headers configuration loaded from config

      • headers

        public List<String> headers​(String method,
                            Map<String,​List<String>> transportHeaders)
        Headers configured for a method with optional headers matched against actual transport headers.
        Parameters:
        method - method (such as GET)
        transportHeaders - actual headers received on the transport
        Returns:
        list of headers that must be signed

      • headers

        public List<String> headers​(String method)
        Headers configured for a method.
        Parameters:
        method - method (such as GET)
        Returns:
        list of headers